More details on Twitter's failure to control spammers

Dec. 6th, 2014 10:54 am
jducoeur: (Default)
Ah -- there's the followup.

In my rant the other day about Twitter's incompetence, I mentioned that I was continuing to get emails *after* I had rejected an email address. This just happened three times in a row, all identical, so I now see a bit more of what's going on.

The original fake accounts had email addresses of the form "wrigk2px@w***.org". I definitely rejected these, saying that they were not valid addresses. What has now just happened is that I've received matching emails from Twitter, one to each of them, with a subject line of "Thanks for checking in, [Fake Name]" saying (with a pretty graphic), "Nice to see you again. With the Twitter app [big graphic of a phone], you'll never miss a moment of the conversation. [Download button]". These are addressed to "RECLAIMED_172128452_wrigk2px@w***.org".

I have no idea what this "RECLAIMED" nonsense is about, but at this point I am much more prepared to slam Twitter for incompetence. I'm honestly unsure whether this followup spam is being initiated by the spammers or by Twitter themselves, but they are totally not taking enough care to remove bogus email addresses from the system. There is no excuse whatsoever for me continuing to receive emails to my domain after I have explicitly told them that this is not a real account.

And I should note, the really I am *seriously* angry at them is the complete lack of *any* obvious mechanism to report this. Their help system is a maze of twisty little passages that tries to enumerate every kind of problem they can think of, automating the support for each one. This problem isn't listed anywhere, and the ones that are even vaguely close all lead into complex and inappropriate forms that are definitely *not* appropriate. I can't find an "other" category anywhere, nor any way to, eg, contact a support representative, after about fifteen minutes of clicking links all over the place. So I haven't yet been able to figure out any way to report this problem, leaving me with little option but to vent publicly. *That* is almost definitionally incompetent customer service.

(The only thing I can think of is to link to @Support, which I'm going to try with this post.)

I suspect I'm going to have no choice but to install the rather expensive Block Sender app (thanks to Laurion for suggesting this line of thinking), and hope that it works. But even if it does, Twitter deserves brickbats for forcing me into this and not providing a decent approach...
Tags:

Twitter seems to be deliberately encouraging spam accounts

Dec. 3rd, 2014 08:25 am
jducoeur: (Default)
Okay, the only way to get a rise out of anybody these days seems to be embarrassing companies on social media. Let's see if Twitter is paying any attention.

One of my domains has a long-standing but rapidly growing problem with Twitter Spammers. Specifically, some jackass has decided to use my personal domain to create lots of fake accounts on Twitter. This used to be only occasional, but I got three of them today, all pretty bloody obvious: I got confirmation emails to "hiv3s7@w***.org", "wrig7ryv@w***.org" and "wrig2px@w***.org". Of course, none of these are real emails, but they all land in my inbox since I own the domain. And the hell of it is, I can do *nothing* to shut these fraudsters down!

Seriously, this is where, as far as I can tell, Twitter is simply giving a gigantic f-u to anyone who owns a domain. The *only* thing I can do is to respond individually to each of these and say "this isn't my email address". That doesn't actually shut down the spammy twitter account -- I can't even say, "I own this domain, and I am 100% certain that this is an attempt to spam". There is absolutely nowhere I can find on Twitter's Help system to let me say, "my domain is being attacked through you; stop allowing people to sign up through w***.org", and there is no sign that they are noticing that every attempt to sign up via w***.org is being rejected and gee, maybe they should learn something from that.

It's getting to the point where I'm thinking of writing Twitter off as a bad idea, and simply spam-boxing all email from it, rather than trying to be helpful. I wish I had the slightest indication that they actually cared in the slightest about their users...
Tags:

LinkedIn Spam

Oct. 11th, 2014 11:47 am
jducoeur: (Default)
[Please pardon a brief rant.]

Okay, I am beginning to lose patience with LinkedIn. My network there has leveled out for the time being, which is fine -- I haven't been pursuing it very aggressively lately, and I'm pretty picky there. (Whereas I'll accept Facebook invites from essentially anybody I know, even tangentially, my bar for LinkedIn is that I have to know somebody well enough to be at least somewhat comfortable recommending them for a job.)

And the thing is, I'm continuing to get invitations -- more often than not from strangers. And I don't just mean "this person is at one remove from me in the network" -- today's example is from "Icey Dfs", who is "Sales at Dongguan Dingfeng Silicone Products Co., Ltd", in, no shit, Guangdong, China.

Let's cut the claims that this is about networking: this is spam, plain and simple. And at this point, that spam is making up fully half of the invites I'm getting from LinkedIn -- not a huge number, but at this point I expect large social networks to be good at spam control. Worse, LinkedIn has *no option* for reporting invitations as spam! Hell, the email invite doesn't even give me the option of ignoring the damned thing, and I know that, by tossing it in the trash, I'm going to get another copy next week, reminding me of the invitation I pointedly don't want.

Yes, it is probably true that changing my profile title to CEO/Architect didn't help this, but I don't much care -- if the spammers are focusing on people with managerial titles, that means they are hitting LinkedIn's prime audience the worst. LinkedIn needs to bring this crap under control, or I may conclude that it's not the trouble maintaining an account...
Tags:

The danger of automated news

Jul. 29th, 2014 09:41 am
jducoeur: (Default)
Interesting and very true article over on TechCrunch a few days ago. It's worth reading (it's not terribly long), mainly about the way that the automated algorithms on Facebook et al, which mostly just keep feeding us more of what we click on, can wind up providing not just a skewed view of the world but an *incredibly* depressing one. Since doom and disaster is what we (collectively) are most likely to click on, these algorithms just keep feeding us more and more of it, until it becomes too unpleasant to even be at the screen.

A much less-unpleasant but still irritating example: at some point, on Twitter, I apparently clicked on a couple of links relating to Neil Gaiman, and something, somewhere, decided that he was *the* topic I was most interested in. It is the wildest of wild overkill -- I mean, I like the guy's work, but literally *half* of the suggestions for tweets I might be interested in are about him. I've had to make a discipline of *never* clicking on any of those, simply to avoid feeding this bug with any more evidence.

None of which says that it is *impossible* to come up with personalization algorithms that produce a better view of the news. But it's a good reminder that the ones we have are, by and large, still mostly pretty terrible...
Tags:

Identities vs. Users

Jun. 18th, 2014 10:56 pm
jducoeur: (querki)
I am often scathing in my opinions about how badly the major social networks deal with issues of Identity -- in particular, their stupidly coarse-grained view of the world, which often ignores the fact that many people would like to be able to easily use multiple distinct online identities. (Work vs. Home vs. Play vs. Kink, etc.)

That said, the Querki project is reminding me that doing this stuff right is pretty hard. Consistently distinguishing between a User (an actual, real-life person, accessing Querki on their desktop or phone), and a potentially unlimited number of distinct Identities for each of them, requires constant, careful thought. Doing it *well*, so that Identities don't "leak", is especially tricky.

Mind, I'm not promising HIPAA-grade protections at this point, much less life-and-death security: it's infeasible for me to do that level of security auditing any time in the next year or two. But that *is* the long-term goal. I should be able to have a Facebook account, multiple Google profiles, an LDAP profile from work, a Twitter account, a native Querki login, an LJ login, and so on, all connected to the same Querki account, and I should be able to easily say that certain of those accounts aren't visibly the same person.

(Why? Because I'm trying to not build Yet Another Bloody Social Network. I would like folks to be able to use their existing flists from the social networks inside Querki, and have it Just Work. But that requires dealing with the fact that those flists aren't necessarily fungible: I might well be trying to keep them distinct. Querki should facilitate that, insofar as we can.)

The problem pervades almost everything. Take my current project, for a typical example: implementing Notifications. The trick here is that a Notification (a System Message, a Personal Message, a Space Change Notification, whatever) is sent from an Identity to another Identity, but is actually *delivered* to a User. That is, I should be able to easily see all of the new Notifications from all of my Spaces, regardless of which Identity I am using in any given Space. And when I reply to one, it should automatically come from the appropriate Identity, without me needing to think about it manually.

(Yes, there are nasty edge cases if I want to have multiple distinct Identities within the same Space. For the moment, I'm simply not allowing that -- it opens up all *sorts* of sock-puppeting abuses, and needs to be thought through very carefully.)

I don't think I actually know any service that has ever actually tried to do this right, although it wouldn't surprise me if a few exist. Making it usable is going to be a heck of a project. Mind, I'm not tackling the thorny UI issues yet -- so far, we only have the native Querki logins, and we don't yet have the ability to link those together. But if I'm ever to have the slightest hope of accomplishing this, I have to get the data structures and communication right, and if we're not going to have accidental breaches the system has to play completely fair internally: the knowledge of how Identities relate to Users is tightly controlled internally, and most subsystems don't have direct access to it.

It's a fascinating project, and it does give me a *little* sympathy to the social network companies. It doesn't require malice to not want to deal with this -- the simple truth is that, if you don't build it in from the beginning, with a crisp distinction between your concepts, it's probably nearly impossible to do it well...
Tags:

What mainstream social network features *should* LiveJournal pick up?

Jun. 16th, 2014 04:57 pm
jducoeur: (Default)
Having just shared an EW article on Facebook, it crystallized for me a point about LJ's recent "+1 button" flap.

The thing that bothered me about the whole +1 feature, I am now realizing, is that it was a solution in search of a problem. That is, my sense was that LJ was mostly doing it to keep up with the Joneses, with no thought to what the actual effects on the community would be. It was notable that they never said, "Here is a problem we're trying to address, and this is the way we're planning to deal with it" -- they just said, "Here's a new feature", with no rationale presented at any point aside from the fact that Everybody Else Does it.

And the thing is, I don't actually *like* this feature on FB or G+, because it is too ambiguous. I certainly use it, but I am always bothered by it. FB's "Like" is connotationally wrong in many circumstances: what I usually want to say is, "I agree with this post" -- but there are a lot of posts on horrible subjects, where pressing the "Like" button is just plain squicky. And Google's "+1" is (deliberately, I suspect), semantics-free -- it is never quite clear *what* somebody means when they press it. Sometimes it indicates agreement, sometimes it's a cheap-and-quick way to share the link, sometimes it is simply a way to store this link for future reference.

(Of course, the truth is that both buttons mostly exist for the purposes of giving more information to Facebook and Google, so that they can more accurately profile you, to sell you as an advertising target.)

When I ponder it, I find that I wouldn't actually mind buttons with clearer semantics. A simple "I agree" button would have some downsides (in that it would reduce the impetus to actually comment meaningfully), but at least I would understand its purpose. Frankly, an "I read this" would fulfill the social-back-scratching that many people mean when they say "Like". A configurable mechanism, that let you design your *own* buttons on your blog, and choose from a palette of canned options, might be downright spiffy and interesting. (If more challenging to implement.)

This is leading me to wonder which features from the big social networks I actually *want* in LJ. The one that jumps out to me is "Share". I've wound up doing most of my link-sharing via FB these days, simply because it is so damned *easy*: click the button, type my meta-comments, and it's done. I'd love to have something similar for LJ, but of course LJ can't make sites pick them up, and nowadays they're sufficiently minor that most sites won't. I suspect the right answer would be for someone to implement this as a browser plugin that detects the presence of a Facebook "Like" button and injects the LJ version. (Or possibly just adds a right-click that lets you Share any page via LJ.) Does this already exist?

Anyone have other ideas? LJ's comment system is vastly better than FB or G+'s, and it had the concept of distinct flists long before they picked the idea up. Are there any other features of the other social networks, or variations thereof, that you think would be positive additions to LJ? And for that matter, what features *have* you always wanted to see on LJ?
Tags:

Small but telling LinkedIn gripe

Mar. 5th, 2014 08:43 am
jducoeur: (Default)
I just ignored an invitation to connect that I got on LinkedIn. When I did so, it asked me why I was ignoring it, and offered me two options:

-- I don't know this person
-- The invitation was spam

There was no "other" option presented. And, notably, the usual reason why I ignore LinkedIn invitations was missing: I just plain don't want this person in my LinkedIn network. I mean, I do know him slightly, from an online forum. I have found him to be a somewhat self-important ass who doesn't listen to other people. My primary criterion for accepting a LinkedIn invite is, "Would I recommend this person for a job?", which requires knowing someone pretty well, and trusting their ability to perform well in their chosen field. He doesn't qualify.

Of course, I simply ignored LinkedIn's request for a reason -- I essentially said "other" by closing the window. But there's a subtle social pressure there, a message from the service (and I'm not sure whether they're doing it intentionally) that the only *legitimate* reasons for ignoring a request are because it is abusive. That's a dumb mistake, especially for LinkedIn above all the other social networks. Their only real advantage is the fact that people *don't* use it like Facebook, accepting friend requests indiscriminately; folks who understand it well use it as a Rolodex, building up more genuine trust networks.

If LinkedIn was smart, they would be focusing on that -- encouraging *better*, well-defined networks, which requires a real measure of selectivity. Instead, they seem to be tacitly falling into the usual social-network trap of assuming that Bigger Is Better. They may come to regret that missed opportunity, especially if somebody else figures it out and pounces...
Tags:

Different definition of "friend"

Jan. 13th, 2009 12:09 pm
jducoeur: (Default)
It says something that I now have (I just checked) more "friends" on Facebook than I do on LiveJournal, despite the fact that I spend less than 5% as much attention on it. But I've knuckled under and accepted the mantra, "It's just Facebook -- friending doesn't matter", so I'm now accepting pretty much every invitation that comes my way from people I even vaguely know, a far lower standard than I apply to LJ. (Although I'm still tending to toss invitations that garner a completely blank "who?" from me, and I get a surprising number of those as well.)

In practice, "friend" really means "acquaintance" in FB's vocabulary. This *may* prove to be okay as they ramp up their "friend list" mechanism: if apps pick up on this properly and permit fine-grained filtering, it's not necessarily a train wreck. But I'm still fighting my own LJ-trained instincts: since I actively read the majority of the people that I friend on LJ (and rarely unfriend), I'm used to that being a pretty high bar...
Tags:

Different definition of "friend"

Jan. 13th, 2009 12:09 pm
jducoeur: (Default)
It says something that I now have (I just checked) more "friends" on Facebook than I do on LiveJournal, despite the fact that I spend less than 5% as much attention on it. But I've knuckled under and accepted the mantra, "It's just Facebook -- friending doesn't matter", so I'm now accepting pretty much every invitation that comes my way from people I even vaguely know, a far lower standard than I apply to LJ. (Although I'm still tending to toss invitations that garner a completely blank "who?" from me, and I get a surprising number of those as well.)

In practice, "friend" really means "acquaintance" in FB's vocabulary. This *may* prove to be okay as they ramp up their "friend list" mechanism: if apps pick up on this properly and permit fine-grained filtering, it's not necessarily a train wreck. But I'm still fighting my own LJ-trained instincts: since I actively read the majority of the people that I friend on LJ (and rarely unfriend), I'm used to that being a pretty high bar...
Tags:

Profile

jducoeur: (Default)
jducoeur
Querki

July 2025

S M T W T F S
  12345
6789101112
13141516171819
20212223242526
27 28293031  

Syndicate

RSS Atom

Most Popular Tags

Page Summary

Active Entries

Style Credit

Expand Cut Tags

No cut tags
Top of page